[Fedora-directory-users] ACI for Netgroup?????

Singh Raina, Ajeet ajeet.singh.raina at logicacmg.com
Mon Feb 18 05:22:11 UTC 2008 

My Senior system Admin who has left the organization has NIS configured
with /etc/netgroups file. All I can see he has all together 11 entries
as netgroups as:

 

------------------------------------------------------------------------
-

File  : /etc/netgroups

------------------------------------------------------------------------
-

    24  homegrp         grp1 homegrp2

    25 

    26  grp1    (bl015470, ,goeast),  (bl025470, ,goeast)

    27  #homegrp2       bl065470 bl035470

    28

    29  linux    lynx_bm lynx_psa lynx_uic lynx_uone lynx_omg lynx_desk

    30  unix     (bl015470, ,goeast) (bl025470, ,goeast) (bl035470,
,goeast) (bl

065470, ,goeast) (bl312470, ,goeast) (blrccase, ,goeast) (arsenic,
,goeast) (nio

bids, ,goeast) (ogygia, ,goeast) (bl49acls, ,goeast) (bl46acls, ,goeast)
(agnes,

 , goeast) (bl43acls, ,goeast)

    31  sun      (laurel, ,goeast) (u1-sb01, ,goeast) (BLVM04, ,goeast)
(BLVM07,

 ,goeast) (BLVM08, ,goeast) (BLVM09, ,goeast) (STAMFORD, ,goeast)

    32

    33  lynx_bm          (BL21DL385, ,goeast)

    34  lynx_psa         (Linuxdev106, ,goeast) (BL48DL385, ,goeast)

    35  lynx_uic         (bl01ln-dev, ,goeast) (bl02ln-bld, ,goeast)

    36  lynx_uone        (BLVM01, ,goeast) (BLVM02, ,goeast) (BLVM03,
,goeast) (

BLVM05, ,goeast) (BLVM06, ,goeast) (ccase-u1, ,goeast)

    37  lynx_omg         (BL14DL385, ,goeast)

    38  lynx_desk        (agile8, ,goeast)

---------------------------------------------------------------

 

All I did is tried running the migration script simply and imported it
to the Fedora DS Database. The excerpt of the ldif file is :

 

 

------------------------------------------------------------------------
--

File  : netgroup.ldif

------------------------------------------------------------------------
--

 

dn: cn=homegrp,ou=netgroups,dc=im,dc=logica,dc=com

objectClass: nisNetgroup

objectClass: top

cn: homegrp

memberNisNetgroup: grp1

memberNisNetgroup: homegrp2

 

dn: cn=grp1,ou=netgroups,dc=im,dc=logica,dc=com

objectClass: nisNetgroup

objectClass: top

cn: grp1

nisNetgroupTriple: (bl015470,

nisNetgroupTriple: (bl025470,

memberNisNetgroup: ,goeast)

memberNisNetgroup: ,goeast),

 

dn: cn=linux,ou=netgroups,dc=im,dc=logica,dc=com

objectClass: nisNetgroup

objectClass: top

cn: linux

memberNisNetgroup: lynx_bm

memberNisNetgroup: lynx_desk

memberNisNetgroup: lynx_omg

memberNisNetgroup: lynx_psa

memberNisNetgroup: lynx_uic

memberNisNetgroup: lynx_uone

 

dn: cn=unix,ou=netgroups,dc=im,dc=logica,dc=com

objectClass: nisNetgroup

objectClass: top

cn: unix

nisNetgroupTriple: (agnes,

nisNetgroupTriple: (arsenic,

nisNetgroupTriple: (bl015470,

nisNetgroupTriple: (bl025470,

nisNetgroupTriple: (bl035470,

nisNetgroupTriple: (bl065470,

nisNetgroupTriple: (bl312470,

nisNetgroupTriple: (bl43acls,

nisNetgroupTriple: (bl46acls,

nisNetgroupTriple: (bl49acls,

nisNetgroupTriple: (blrccase,

nisNetgroupTriple: (niobids,

memberNisNetgroup: ,

memberNisNetgroup: ,goeast)

memberNisNetgroup: goeast)

 

dn: cn=sun,ou=netgroups,dc=im,dc=logica,dc=com

objectClass: nisNetgroup

objectClass: top

cn: sun

nisNetgroupTriple: (BLVM04,

nisNetgroupTriple: (BLVM07,

nisNetgroupTriple: (BLVM08,

nisNetgroupTriple: (BLVM09,

nisNetgroupTriple: (STAMFORD,

nisNetgroupTriple: (laurel,

nisNetgroupTriple: (u1-sb01,

memberNisNetgroup: ,goeast)

 

dn: cn=lynx_bm,ou=netgroups,dc=im,dc=logica,dc=com

objectClass: nisNetgroup

objectClass: top

cn: lynx_bm

nisNetgroupTriple: (BL21DL385,

memberNisNetgroup: ,goeast)

 

dn: cn=lynx_psa,ou=netgroups,dc=im,dc=logica,dc=com

objectClass: nisNetgroup

objectClass: top

cn: lynx_psa

nisNetgroupTriple: (BL48DL385,

nisNetgroupTriple: (Linuxdev106,

memberNisNetgroup: ,goeast)

 

dn: cn=lynx_uic,ou=netgroups,dc=im,dc=logica,dc=com

objectClass: nisNetgroup

objectClass: top

cn: lynx_uic

nisNetgroupTriple: (bl01ln-dev,

nisNetgroupTriple: (bl02ln-bld,

memberNisNetgroup: ,goeast)

 

dn: cn=lynx_uone,ou=netgroups,dc=im,dc=logica,dc=com

objectClass: nisNetgroup

objectClass: top

                                          

-------------------------------------------------------

 

I changed the ou=NetGoup to ou=netgroups as my Directory Server >
Directory Tab > im > netgroups folder was there.(Will NetGroup will
work?I don't think so)

I imported it to fedora DS and it showed no error in that process.

 

The getent netgroup <netgroupname> is also working.

 

Can you help me Now How can I create ACL...Say I have one project named
lynx_uone and all I want not to let it to access the other projects.Pls
Help me in this regard.

Will it work?

 

 



This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20080218/164bd906/attachment.html>

More information about the 389-users mailing list